package com.cskaoyan.config.shiroConfig;

import com.cskaoyan.bean.marketBean.MarketAdmin;
import com.cskaoyan.bean.marketBean.MarketAdminExample;
import com.cskaoyan.bean.marketBean.MarketUser;
import com.cskaoyan.bean.marketBean.MarketUserExample;
import com.cskaoyan.mapper.marketMapper.MarketAdminMapper;
import com.cskaoyan.mapper.marketMapper.MarketPermissionMapper;
import com.cskaoyan.mapper.marketMapper.MarketUserMapper;
import com.cskaoyan.mapper.marketMapper.UserMapper;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.Collection;
import java.util.List;

/**
 * @author wxgl
 * @date 2022-12-29 20:29
 * @describe
 */
@Component
public class CustomRealm extends AuthorizingRealm {
    @Autowired
    MarketAdminMapper adminMapper;
    @Autowired
    MarketUserMapper userMapper;
    @Autowired
    MarketPermissionMapper permissionMapper;

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //通常gen'juAuthenticationToken获取用户在数据库中的信息
        MyUsernamePasswordToken token = (MyUsernamePasswordToken) authenticationToken;
        String username = token.getUsername();

        String type = token.getType();
        if (type.equals("admin")){
            MarketAdminExample example = new MarketAdminExample();
            example.createCriteria().andUsernameEqualTo(username);
            List<MarketAdmin> marketAdmins = adminMapper.selectByExample(example);
            if (marketAdmins.size() == 1) {
                //说明数据库有一条信息
                MarketAdmin marketAdmin = marketAdmins.get(0);
                //构造认证信息时，可以放入你需要的用户信息，而你放入的用户信息，可以作为Principals
                //放入这个信息，是为了取出这个信息
                //第二个参数credentials是真实的密码，会和AuthenticationToken中的password作比较
                return new SimpleAuthenticationInfo(marketAdmin, marketAdmin.getPassword(), getName());
            }
        }else if (type.equals("user")) {
            MarketUserExample example = new MarketUserExample();
            example.createCriteria().andUsernameEqualTo(username);
            List<MarketUser> marketUsers = userMapper.selectByExample(example);
            if (marketUsers.size() == 1) {
                //说明数据库有一条信息
                MarketUser marketUser = marketUsers.get(0);
                //构造认证信息时，可以放入你需要的用户信息，而你放入的用户信息，可以作为Principals
                //放入这个信息，是为了取出这个信息
                //第二个参数credentials是真实的密码，会和AuthenticationToken中的password作比较
                return new SimpleAuthenticationInfo(marketUser, marketUser.getPassword(), getName());
            }
        }
        return null;
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

                //获得Principal信息
        MarketAdmin primaryPrincipal = (MarketAdmin) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        Integer[] roleIds = primaryPrincipal.getRoleIds();

        Collection<String> permissions = permissionMapper.selectByRoleId(roleIds);
        simpleAuthorizationInfo.addStringPermissions(permissions);

        return simpleAuthorizationInfo;
    }

}
